UK businesses turn to ex-hackers to improve cyber defences

RadwareTuesday 28 June 16

Radware, a leading provider of cyber security and application delivery solutions ensuring optimal service level for applications in virtual, cloud and software defined data centers, today announced the release of 2016 Executive Application & Network Security Survey, which found that more than 20% of UK businesses have already invited hackers to assess their security systems and a further 37% are open to the idea.
The new report, which sought the opinions of over 200 executives across the US and UK, found that three in five respondents experienced a cyber attack in the last 12 months. Concerns over the growing threat led four in five respondents to state that security is now a CEO or board level concern while 33% stated that a change in C…

Radware, a leading provider of cyber security and application delivery solutions ensuring optimal service level for applications in virtual, cloud and software defined data centers, today announced the release of 2016 Executive Application & Network Security Survey, which found that more than 20% of UK businesses have already invited hackers to assess their security systems and a further 37% are open to the idea.

The new report, which sought the opinions of over 200 executives across the US and UK, found that three in five respondents experienced a cyber attack in the last 12 months. Concerns over the growing threat led four in five respondents to state that security is now a CEO or board level concern while 33% stated that a change in C-level awareness is critical in order to thwart the latest attacks.

Among the leading concerns for executives is the Internet of Things (IoT), with connected devices identified by 29% as ‘extremely likely’ to be a target for cyber criminals over the next three to five years. Although businesses understand the threat, many are unsure how or where to direct their resources to defend against it, leading to the consideration of hiring an ex-hacker.

Ransomware is high on the agenda too, with around one in seven respondents experiencing a ransom attack over the last year. In fact, at least three companies said they were under attack at the time of the survey. Although UK executives expressed an unwillingness to pay a ransom (9% saying they would pay, compared to 23% in the US), 7 of 11 who admitted they had been attacked did pay the ransom, compared to 5 out of 17 in the US. There is also a contrast in the ransom amount, with the US average of £5,235 dwarfed by the UK average of £22,218.

Adrian Crawley, regional director for Northern EMEA at Radware, believes that hiring ex-hackers will be a fundamental part of corporate security strategy in the future as companies look for ways to stay ahead of new and sophisticated attackers: “Businesses need to get prepared fast, and there’s no better way than to see an attack than through the eyes of a hacker. I think we’ll see the trend to seek the opinion of an ex-hacker grow exponentially in the next year as businesses review their blind spots. Ex-hackers are well equipped to identify specific weaknesses, spot a fake ransom attack and can be employed to legitimately break the network and advise where security improvements are needed.”

“Risks will only become more exaggerated as IoT takes off, ” adds Adrian. “The more things you connect to the network the more portals in. Ex-hackers are perfectly placed to test the IoT strategy before products are launched to the consumer. With such huge revenues at stake it’s imperative the consumer’s security and the business’ reputation are always secure.”

Close to two-thirds of executives reported that their general IT spending increased by between 10-59% within the last year. However, 60% of UK respondents said they did not know how much their company is spending specifically on implementing safeguards against hackers.

Despite this, many understand the impact that a cyber attack can have with operational loss and brand reputation loss identified as the biggest threats (mentioned by 32% and 31% respectively). A further 27% of UK executives cited revenue loss as the biggest impact of cyber attacks, with 34% of UK executives estimating that an attack would cost them between £70,000 and £175,000.

The study demonstrates that many companies will struggle when faced with new attack types. Adrian explains: “In our ERT survey earlier this year, in 50% of cases the organisations surveyed had no idea why they had been attacked. Our new report demonstrates that many executives do not know how much they are spending on cyber defence either.

“It’s clear the warning lights are flashing, more than half of UK executives do not know how much their company has spent on fighting attacks or implementing safeguards to prevent future attacks. Awareness of cyber threats needs to grow not just in boardrooms but throughout the organisation so that potential vulnerabilities can be identified and closed off to attackers as soon as they are found.

“As attacks become more sophisticated, businesses may fall into a black hole as they pump more money into reacting and recovering from cyber attacks rather than taking proactive measures to stop them in the first place. Tactics need to change and employing an ex hacker presents an alternative. Cyber attacks are not going to go away, they will only become more complex. Businesses that have addressed the threats caused by new technologies like IoT in order to have the most robust defences.”

Quick Links

Social Links

Total Telecom meets the information and research needs of the Global Communications industry, from breaking news to expert analysis. It is the leading communications link between end users and the vendors, carriers and resellers of telecommunications technology and services.